async def refresh(user: User = Depends(get_active_user_from_cookie), Authorize: AuthJWT = Depends()): try: # set the user group if user.account_type == 'admin': user_claims = {'admin': True} admin_logger.info(f"Admin refresh token: {user.email}") elif user.account_type == 'filer': user_claims = {'filer': True} user_logger.info(f"User refresh token: {user.email}") elif user.account_type == 'public': user_claims = {'public': True} user_logger.info(f"Public refresh token: {user.email}") access_token = Authorize.create_access_token(subject=user.email, user_claims=user_claims) refresh_token = Authorize.create_refresh_token(subject=user.email, user_claims=user_claims) Authorize.set_refresh_cookies(refresh_token) return {"success": True, "access_token": access_token} except Exception as e: logger.exception(traceback.format_exc()) handle_exc(e)
def all_token_response(Authorize: AuthJWT = Depends()): access_token = Authorize.create_access_token(subject=1, fresh=True) refresh_token = Authorize.create_refresh_token(subject=1) response = JSONResponse(content={"msg": "all token"}) Authorize.set_access_cookies(access_token, response) Authorize.set_refresh_cookies(refresh_token, response) return response
def get_cookie(Authorize: AuthJWT = Depends()): access_token = Authorize.create_access_token(subject='test',fresh=True) refresh_token = Authorize.create_refresh_token(subject='test') Authorize.set_access_cookies(access_token) Authorize.set_refresh_cookies(refresh_token) return {"msg":"Successfully login"}
def login( user: schemas.UserCreate, db: Session = Depends(get_db), Authorize: AuthJWT = Depends(), ): crud.prune_blacklist(db) _user = (db.query(models.User).filter( models.User.username == user.username.casefold()).first()) if _user is not None and crud.verify_password(user.password, _user.hashed_password): # Create Tokens access_token = Authorize.create_access_token(subject=user.username) refresh_token = Authorize.create_refresh_token(subject=user.username) # Assign cookies Authorize.set_access_cookies(access_token) Authorize.set_refresh_cookies(refresh_token) return { "login": "******", "username": _user.username, "access_token": access_token, } else: raise HTTPException(status_code=400, detail="Invalid Username or Password.")
def get_token(Authorize: AuthJWT = Depends()): access_token = Authorize.create_access_token(subject=1, fresh=True) refresh_token = Authorize.create_refresh_token(subject=1) Authorize.set_access_cookies(access_token) Authorize.set_refresh_cookies(refresh_token) return {"access": access_token, "refresh": refresh_token}
async def get_login_response( request: Request, response: Response, auth_jwt: AuthJWT, parameters: AuthParams, access_token: str, refresh_token: str, ) -> Any: if parameters.cookie: if access_token: auth_jwt.set_access_cookies(access_token, response) if refresh_token: auth_jwt.set_refresh_cookies(refresh_token, response) if parameters.response_type == "json": return schemas.StandardResponse( schemas.AuthTokens( access_token=access_token, refresh_token=refresh_token, token_type="bearer", )) if parameters.response_type == "redirect": redirect_url = parameters.redirect_url or str(get_base_url(request)) if set_redirect_response(response, redirect_url): return None raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
def create_token_for_user(Authorize: AuthJWT, user_id: str) -> Dict: response = RedirectResponse( f'{Config["routes"]["client"]}/login_callback?user_id={user_id}') access_token = Authorize.create_access_token(subject=user_id) refresh_token = Authorize.create_refresh_token(subject=user_id) Authorize.set_access_cookies(access_token, response) Authorize.set_refresh_cookies(refresh_token, response) return response
def create_access_and_refresh_tokens(user_id: str, Authorize: AuthJWT): try: access_token = Authorize.create_access_token(subject=user_id) Authorize.set_access_cookies(access_token) refresh_token = Authorize.create_refresh_token(subject=user_id) Authorize.set_refresh_cookies(refresh_token) except: raise HTTPException( status_code=500, detail=f"Error while trying to create and refresh tokens")
def login(user: User, Authorize: AuthJWT = Depends()): msg = password_check(user.password) if len(msg) >= 1: raise HTTPException(status_code=401,detail=msg) # subject identifier for who this token is for example id or username from database access_token = Authorize.create_access_token(subject=user.username) refresh_token = Authorize.create_refresh_token(subject=user.username) # Set the JWT cookies in the response Authorize.set_access_cookies(access_token) Authorize.set_refresh_cookies(refresh_token) return {"msg":"Successfully login"}
def login(user: User, Authorize: AuthJWT = Depends()): if user.username != "test" or user.password != "test": raise HTTPException(status_code=401, detail="Bad username or password") # Create the tokens and passing to set_access_cookies or set_refresh_cookies access_token = Authorize.create_access_token(subject=user.username) refresh_token = Authorize.create_refresh_token(subject=user.username) # Set the JWT cookies in the response Authorize.set_access_cookies(access_token) Authorize.set_refresh_cookies(refresh_token) return {"msg": "Successfully login"}
def user_login(credentials: Credentials, Authorize: AuthJWT = Depends(), db: Database = Depends(mysql_connection)): Authorize.jwt_optional() print(credentials) if not db.is_user_registred(credentials.email, credentials.password): raise HTTPException(status_code=401, detail="Bad credentials") access_token = Authorize.create_access_token(subject=credentials.email) refresh_token = Authorize.create_refresh_token(subject=credentials.email) response = JSONResponse( {"user_id": db.find_user_by_email(credentials.email)[0]}) Authorize.set_access_cookies(access_token, response) Authorize.set_refresh_cookies(refresh_token, response) return response
def login(user: User, Authorize: AuthJWT = Depends()): """ With authjwt_cookie_csrf_protect set to True, set_access_cookies() and set_refresh_cookies() will now also set the non-httponly CSRF cookies """ if user.username != "test" or user.password != "test": raise HTTPException(status_code=401, detail="Bad username or password") # Create the tokens and passing to set_access_cookies or set_refresh_cookies access_token = Authorize.create_access_token(subject=user.username) refresh_token = Authorize.create_refresh_token(subject=user.username) # Set the JWT and CSRF double submit cookies in the response Authorize.set_access_cookies(access_token) Authorize.set_refresh_cookies(refresh_token) return {"msg": "Successfully login"}
async def login(request: Request, user: Login, Authorize: AuthJWT = Depends()): # """ # create access and refresh token and save it as # httponly cookie # """ # query = USER.select().where(USER.c.email == user.email) # data = await database.fetch_one(query) data = await UserSchema.get(user.email) if data == None or user.email != data['email'] or user.password != data[ 'password']: raise HTTPException(status_code=401, detail="Bad username or password") token = Authorize.create_access_token(subject=user.email) refresh_token = Authorize.create_refresh_token(subject=user.email) Authorize.set_access_cookies(token) Authorize.set_refresh_cookies(refresh_token) return {"msg": "Successfully login"}
def login( email: str = Body(...), password: str = Body(...), Authorize: AuthJWT = Depends(), db: Session = Depends(get_db), ): dbuser = userCRUD.authenticate(db, email=email, password=password) if not dbuser: raise HTTPException(status_code=401, detail="Failed to Authenticate") refresh_token = Authorize.create_refresh_token(subject=dbuser.id) access_token = Authorize.create_access_token(subject=dbuser.id, user_claims={ "username": dbuser.username, "email": dbuser.email, }) Authorize.set_refresh_cookies(refresh_token) return {"access_token": access_token}
async def saml_idp_initiated(request: Request, response: Response, Authorize: AuthJWT = Depends(), db_session: Session = Depends(get_db)): try: res = dict(await request.form()) saml_c = await saml_client(kind='admin') authn_response = saml_c.parse_authn_request_response( res['SAMLResponse'], entity.BINDING_HTTP_POST) authn_response.get_identity() user_info = authn_response.get_subject() username = user_info.text admin_logger.info(f"Admin SAML login attempt: {username}") user = saml_verify_admin_user(db_session, username) if user is None or not user: raise Exception("User unknown or not a City user.") access_token = Authorize.create_access_token( subject=user.email, user_claims={'admin': True}) refresh_token = Authorize.create_refresh_token( subject=user.email, user_claims={'admin': True}) Authorize.set_refresh_cookies(refresh_token) response.status_code = 303 response.headers[ "location"] = APP_HOST + FRONTEND_ROUTES['admin_auth_saml_success'] admin_logger.info(f"Admin SAML login succeeded: {username}") return response except Exception as e: logger.exception(traceback.format_exc()) return RedirectResponse( url=APP_HOST + FRONTEND_ROUTES['admin_auth_saml_fail'], status_code=303, )
async def filer_login(request: Request, form: Login, Authorize: AuthJWT = Depends(), db_session: Session = Depends(get_db)): try: user_logger.info(f"Login attempt: {form.username}") user = authenticate_filer_user(db_session, form.username, form.password) if user is None or not user: raise CREDENTIALS_EXCEPTION access_token = Authorize.create_access_token( subject=user.email, user_claims={'filer': True}) refresh_token = Authorize.create_refresh_token( subject=user.email, user_claims={'filer': True}) Authorize.set_refresh_cookies(refresh_token) user_logger.info(f"Login successful: {form.username}") return {"success": True, "access_token": access_token} except Exception as e: user_logger.info(f"Login failed: {form.username}") logger.exception(traceback.format_exc()) handle_exc(e)
def refresh_token_response(Authorize: AuthJWT = Depends()): refresh_token = Authorize.create_refresh_token(subject=1) response = JSONResponse(content={"msg": "refresh token"}) Authorize.set_refresh_cookies(refresh_token, response) return response
def refresh_token(Authorize: AuthJWT = Depends()): refresh_token = Authorize.create_refresh_token(subject=1) Authorize.set_refresh_cookies(refresh_token) return {"msg": "refresh token"}
def all_token(Authorize: AuthJWT = Depends()): access_token = Authorize.create_access_token(subject=1, fresh=True) refresh_token = Authorize.create_refresh_token(subject=1) Authorize.set_access_cookies(access_token) Authorize.set_refresh_cookies(refresh_token) return {"msg": "all token"}